Contact Support

Premium Services

PC Security

What is ransomware?

0 Shares

Imagine someone getting access to your computer, encrypting all your family photos and other priceless files, and then demanding a ransom for their safe return. That is what ransomware is all about. Ransomware is a type of malware used for data kidnapping. It takes your data hostage by encrypting it using supposedly unbreakable encryption algorithms and then demands payment in exchange for the decryption key.

Your money or your files

Ransomware works in various ways and demands different ransoms. One ransomware Trojan searched a victim's hard disk drive for 15 common file types, including images and Microsoft Office file types. It then encrypted the files, removed the originals and dropped a note asking $200 for the encryption key. Another piece of ransomware froze a victim's system and threatened to delete files every 30 minutes until an amount of $10.99 was sent to a particular account.

Instructions on how to recover encrypted data are typically left on an infected PC. Take, for example, Troj/Ransom-U, which changes your Windows desktop wallpaper to deliver the first part of the ransom message.

”Attention!!!

All your personal files (photo, documents, texts, databases, certificates, kwm-files, and video) have been encrypted by a very strong cypher RSA-1024. The original files are deleted. You can check this by yourself - just look for files in all folders.

There is no possibility to decrypt these files without a special decrypt program! Nobody can help you - even don't try to find another method or tell anybody. Also after n days all encrypted files will be completely deleted and you will have no chance to get it back.

We can help to solve this task for 120$ via wire transfer (bank transfer SWIFT/IBAN). And remember: any harmful or bad words to our side will be a reason for ingoring your message and nothing will be done.

For details you have to send your request on this e-mail (attach to message a full serial key shown below in this 'how to..' file on desktop): [email address]."

There have also been examples of webmail (in most cases Hotmail) accounts being hijacked, with all mail and contacts erased. The only remaining message: a ransom note demanding payment for the return of the deleted data.

Ransomware on the rise

According to Nart Villeneuve, recent techniques in the field of cybercrime often involve taking a user’s computer hostage. The malware does this by denying users access to their desktop and files until they dial an SMS number and enter a code.

In the latest ransomware campaign detected by Trend Labs, the SMS agency charges the user the equivalent of $12 before giving them the code to free their systems.

Villeneuve said an on-going campaign has netted the responsible cybercriminal $29,435 over the last five weeks. He goes on to note that this means that 2,500 people have paid the hacker’s ransom.

Ransomware first appeared in May 2005 and it is also known as a cryptovirus, cryptotrojan or cryptoworm.